$ rpki-client -vvf rpki.apnic.net/member_repository/A91C9E82/EA7E5FA6636F11EE97C74B5CC4F9AE02/XnKqfVsdVjLl0z_scvp0M_Sc4po.mft File: XnKqfVsdVjLl0z_scvp0M_Sc4po.mft (raw, json) Hash identifier: uQdTdjcdoEy6uFDnC3Dm/5OTfJ/0nrz7SpOpfJuRv3c= Subject key identifier: 0B:1F:57:76:5B:FE:C1:99:49:AB:81:92:6E:14:4E:DC:81:4D:53:9F Authority key identifier: 5E:72:AA:7D:5B:1D:56:32:E5:D3:3F:EC:72:FA:74:33:F4:9C:E2:9A Certificate issuer: /CN=A91C9E82/serialNumber=5E72AA7D5B1D5632E5D33FEC72FA7433F49CE29A Certificate serial: 015F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XnKqfVsdVjLl0z_scvp0M_Sc4po.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C9E82/EA7E5FA6636F11EE97C74B5CC4F9AE02/XnKqfVsdVjLl0z_scvp0M_Sc4po.mft Manifest number: 0142 Signing time: Mon 05 May 2025 03:31:32 +0000 Manifest this update: Mon 05 May 2025 03:31:32 +0000 Manifest next update: Mon 12 May 2025 03:31:32 +0000 Files and hashes: 1: XnKqfVsdVjLl0z_scvp0M_Sc4po.crl (hash: 5zONT/2Ml32T3D64yD/TG33GWdiRHF9ObWXN6XrfwTU=) 2: 36C31E00637111EEA51CA05EC4F9AE02.roa (hash: VRlasPmFdnGQ7jXmsGRiZ9YkkvB4UEQJbRXUpRC4bL8=) 3: 00E626A4A57611EF98285E5FC4F9AE02.roa (hash: ebTeaPrWBlAg+bHK7CkBFu5kiy7GaQn9QlJ0VdT4JzQ=) 4: 98BE8828663D11EE8CBBAE7CC4F9AE02.roa (hash: qOQvPOfqQOexW3Sxvhsqmm5W1KEN72YTFSt5Z0QktXg=) 5: 99341DD6663D11EE8CBBAE7CC4F9AE02.roa (hash: pidH+xtb8OXyN3SlmzLiBUdr0SQho8QbaXQpLP6w5rQ=) 6: 678C24C0663F11EEBD955D43C4F9AE02.roa (hash: LMxslHx0hj+eRPegweO/Q77RiY35syFR40MU3J+sT8s=) 7: 9830B6D8663D11EE8CBBAE7CC4F9AE02.roa (hash: Wa8VD0lmDOwdth5KoUIOfMLBdB57aoMl1cYAfCOjMXs=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C9E82/EA7E5FA6636F11EE97C74B5CC4F9AE02/XnKqfVsdVjLl0z_scvp0M_Sc4po.crl rsync://rpki.apnic.net/member_repository/A91C9E82/EA7E5FA6636F11EE97C74B5CC4F9AE02/XnKqfVsdVjLl0z_scvp0M_Sc4po.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XnKqfVsdVjLl0z_scvp0M_Sc4po.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 12 May 2025 03:31:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 351 (0x15f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C9E82, serialNumber=5E72AA7D5B1D5632E5D33FEC72FA7433F49CE29A Validity Not Before: May 5 03:31:32 2025 GMT Not After : May 12 03:31:32 2025 GMT Subject: CN=68183114-21bf Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:cc:5f:0b:11:7b:4f:b5:52:26:88:c9:17:c9: 49:20:c8:5f:14:de:19:57:ae:41:04:e2:28:90:18: d0:70:ee:85:79:ca:d2:20:07:19:1c:4d:ff:99:c1: 6d:f9:ac:c8:09:04:39:58:76:a3:e0:f0:0f:13:56: 6f:d6:41:df:ea:f4:24:f7:b1:dc:86:58:bc:8f:99: 6d:0c:b8:b5:a6:22:cc:bc:cd:a9:80:19:a1:0d:6b: a6:86:6f:95:e6:8b:0f:ab:0f:1b:a2:a6:44:45:06: 52:79:f2:9c:a3:e0:86:bb:73:9e:9a:ee:79:45:04: 88:78:d2:56:3e:0a:51:79:a9:63:16:f1:0d:ca:f0: ef:33:53:0b:87:29:84:93:85:08:9b:62:38:32:ac: 5c:d1:a2:78:c3:9b:dd:79:f8:d9:b8:13:f9:16:82: bc:20:fe:01:71:89:bf:1c:99:a9:c4:29:cc:ac:5b: fc:41:0c:12:a0:28:2f:4b:6e:0a:b1:cc:f8:54:2b: 96:5c:be:d3:40:dc:95:42:13:f0:52:af:2c:89:46: ed:9e:ba:87:bf:6e:e0:10:67:f4:a6:58:21:45:26: 36:99:43:fa:04:4a:6f:0f:02:25:c2:bd:41:2f:3b: 36:5c:b9:80:3e:f4:e1:bd:36:06:bc:cb:0a:87:53: 69:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0B:1F:57:76:5B:FE:C1:99:49:AB:81:92:6E:14:4E:DC:81:4D:53:9F X509v3 Authority Key Identifier: keyid:5E:72:AA:7D:5B:1D:56:32:E5:D3:3F:EC:72:FA:74:33:F4:9C:E2:9A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C9E82/EA7E5FA6636F11EE97C74B5CC4F9AE02/XnKqfVsdVjLl0z_scvp0M_Sc4po.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XnKqfVsdVjLl0z_scvp0M_Sc4po.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C9E82/EA7E5FA6636F11EE97C74B5CC4F9AE02/XnKqfVsdVjLl0z_scvp0M_Sc4po.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 1d:dc:12:19:c5:7f:e5:61:a3:10:53:3f:8a:37:65:f5:90:b4: ae:5f:f8:09:e3:ab:99:09:b3:3d:75:4a:8c:a4:67:33:d4:9a: ab:cd:40:93:62:20:68:45:c1:cb:df:80:96:4b:96:25:9d:1f: 96:93:dc:fe:c4:15:a8:2a:b3:97:dd:29:b9:67:fc:74:a8:bc: c1:95:a0:cc:8a:17:93:1d:f1:ed:14:e3:ed:37:88:3a:c6:bb: 47:b4:c6:3c:e2:b5:48:7e:e3:c9:7e:3e:02:a1:9b:7f:b8:35: 37:0d:83:5e:57:a1:3f:55:9f:ae:00:e3:dd:74:8e:a3:dd:db: 0b:9a:a2:f1:c1:6e:00:95:fb:56:20:64:62:03:f4:9c:48:20: d3:0e:47:c8:08:24:6d:b3:b7:c2:d0:b6:5f:22:97:31:b2:e1: fe:7b:66:59:c5:02:6c:9d:1d:30:b9:7e:d1:f2:c8:1f:27:b1: 27:0a:f6:42:49:46:b9:e7:7c:9c:a8:bd:1f:b4:d4:e7:80:2f: 8d:b5:aa:98:24:6c:ab:53:fa:20:9a:4b:55:6d:12:46:80:09: df:b5:da:90:bf:a8:93:0c:51:16:2b:09:85:75:04:b2:e7:9e: ae:4c:ee:48:4d:f3:0a:87:a1:30:ce:e3:49:53:13:99:51:4f: 98:04:00:b3 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAV8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QzlFODIxMTAvBgNVBAUTKDVFNzJBQTdENUIxRDU2MzJFNUQzM0ZFQzcyRkE3NDMz RjQ5Q0UyOUEwHhcNMjUwNTA1MDMzMTMyWhcNMjUwNTEyMDMzMTMyWjAYMRYwFAYD VQQDEw02ODE4MzExNC0yMWJmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAz8xfCxF7T7VSJojJF8lJIMhfFN4ZV65BBOIokBjQcO6FecrSIAcZHE3/mcFt +azICQQ5WHaj4PAPE1Zv1kHf6vQk97Hchli8j5ltDLi1piLMvM2pgBmhDWumhm+V 5osPqw8boqZERQZSefKco+CGu3Oemu55RQSIeNJWPgpRealjFvENyvDvM1MLhymE k4UIm2I4Mqxc0aJ4w5vdefjZuBP5FoK8IP4BcYm/HJmpxCnMrFv8QQwSoCgvS24K scz4VCuWXL7TQNyVQhPwUq8siUbtnrqHv27gEGf0plghRSY2mUP6BEpvDwIlwr1B Lzs2XLmAPvThvTYGvMsKh1NplwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFAsfV3Zb /sGZSauBkm4UTtyBTVOfMB8GA1UdIwQYMBaAFF5yqn1bHVYy5dM/7HL6dDP0nOKa MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDOUU4Mi9FQTdFNUZBNjYz NkYxMUVFOTdDNzRCNUNDNEY5QUUwMi9YbktxZlZzZFZqTGwwel9zY3ZwME1fU2M0 cG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1huS3FmVnNkVmpMbDB6X3NjdnAwTV9TYzRwby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD OUU4Mi9FQTdFNUZBNjYzNkYxMUVFOTdDNzRCNUNDNEY5QUUwMi9YbktxZlZzZFZq TGwwel9zY3ZwME1fU2M0cG8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAd3BIZxX/lYaMQUz+KN2X1kLSuX/gJ46uZCbM9dUqMpGcz1JqrzUCT YiBoRcHL34CWS5YlnR+Wk9z+xBWoKrOX3Sm5Z/x0qLzBlaDMiheTHfHtFOPtN4g6 xrtHtMY84rVIfuPJfj4CoZt/uDU3DYNeV6E/VZ+uAOPddI6j3dsLmqLxwW4AlftW IGRiA/ScSCDTDkfICCRts7fC0LZfIpcxsuH+e2ZZxQJsnR0wuX7R8sgfJ7EnCvZC SUa553ycqL0ftNTngC+NtaqYJGyrU/ogmktVbRJGgAnftdqQv6iTDFEWKwmFdQSy 556uTO5ITfMKh6EwzuNJUxOZUU+YBACz -----END CERTIFICATE-----Generated at Wed May 7 04:21:11 2025 by rpki-client